Java 生产环境中的加密异常
我在加密的生产环境中遇到问题 以下代码是问题的来源:Java 生产环境中的加密异常,java,tomcat,encryption,Java,Tomcat,Encryption,我在加密的生产环境中遇到问题 以下代码是问题的来源: public static void standardExceptionHandling(Exception exc, Logger alog) { StringWriter sw = new StringWriter(); PrintWriter pw = new PrintWriter(sw); exc.printStackTrace(pw); alog.info(sw.toString()); /* Li
public static void standardExceptionHandling(Exception exc, Logger alog) {
StringWriter sw = new StringWriter();
PrintWriter pw = new PrintWriter(sw);
exc.printStackTrace(pw);
alog.info(sw.toString()); /* Line 292 */
}
/**
* Method that takes a key/value set, converts it into a standard web parameter string
* and then encrypts the string.
*
* @param values the key value set
* @return the encrypted string
*
*/
public static String encrypt(Map<String, String> values) {
StringBuilder unencrypted = new StringBuilder();
boolean first = true;
for (Map.Entry<String, String> value : values.entrySet()) {
if (first) {
first = false;
} else {
unencrypted.append("&");
}
unencrypted.append(value.getKey())
.append("=")
.append(value.getValue());
}
try {
Cipher cipher = Cipher.getInstance("AES");
Key aesKey = new SecretKeySpec(AES_KEY.getBytes(), "AES");
cipher.init(Cipher.ENCRYPT_MODE, aesKey);
byte[] encrypted = cipher.doFinal(unencrypted.toString().getBytes("UTF8"));
String enc = new sun.misc.BASE64Encoder().encode(encrypted);
return enc;
} catch (Exception e) {
standardExceptionHandling(e, log);
return "";
}
}
/**
* Method that takes an encrypted string containing a standard web parameter string
* and converts it to a key/value set
*
* @param encrypted the encrypted string
* @return the key value set
*/
public static Map<String, String> decrypt(String encrypted) {
String decrypted = "";
try {
Cipher cipher = Cipher.getInstance("AES");
Key aesKey = new SecretKeySpec(AES_KEY.getBytes(), "AES");
cipher.init(Cipher.DECRYPT_MODE, aesKey);
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(encrypted);
decrypted = new String(cipher.doFinal(dec), "UTF8");
} catch (Exception e) {
standardExceptionHandling(e, log);
}
Map<String, String> values = new HashMap<String, String>();
for (String pair : decrypted.split("&")) {
String[] split_pair = pair.split("=");
String key, value;
if (split_pair.length == 1) {
key = split_pair[0];
value = "";
} else if (split_pair.length == 2) {
key = split_pair[0];
value = split_pair[1];
} else if (split_pair.length > 2) {
log.debug("Error when decrypting string, parameter found with more than 2 parts (" + pair + ")");
continue;
} else {
// We should never reach this, as it is impossible to split a string into a 0 length array.
log.debug("The impossible happened, we split a String into a 0 length array (" + pair + ")");
continue;
}
// This is only reach when key and value have been initialised thank to the continue statements when we hit
// an error state.
values.put(key, value);
}
return values;
}
publicstaticvoid标准异常处理(异常exc,记录器alog){
StringWriter sw=新的StringWriter();
PrintWriter pw=新的PrintWriter(sw);
exc.printStackTrace(pw);
alog.info(sw.toString());/*第292行*/
}
/**
*方法,将其转换为标准web参数字符串
*然后对字符串进行加密。
*
*@param值设置的键值
*@返回加密字符串
*
*/
公共静态字符串加密(映射值){
StringBuilder unencrypted=新StringBuilder();
布尔值优先=真;
for(Map.Entry值:values.entrySet()){
如果(第一){
第一个=假;
}否则{
未加密。追加(&);
}
未加密的.append(value.getKey())
.append(“=”)
.append(value.getValue());
}
试一试{
Cipher Cipher=Cipher.getInstance(“AES”);
Key aesKey=新的SecretKeySpec(AES_Key.getBytes(),“AES”);
cipher.init(cipher.ENCRYPT_模式,aesKey);
byte[]encrypted=cipher.doFinal(unencrypted.toString().getBytes(“UTF8”);
字符串enc=new sun.misc.BASE64Encoder().encode(加密);
返回enc;
}捕获(例外e){
标准例外处理(e、日志);
返回“”;
}
}
/**
*方法,该方法接受包含标准web参数字符串的加密字符串
*并将其转换为键/值集
*
*@param对加密字符串进行了加密
*@返回设置的键值
*/
公共静态映射解密(字符串加密){
字符串解密=”;
试一试{
Cipher Cipher=Cipher.getInstance(“AES”);
Key aesKey=新的SecretKeySpec(AES_Key.getBytes(),“AES”);
cipher.init(cipher.DECRYPT_模式,aesKey);
字节[]dec=new sun.misc.BASE64Decoder().decodeBuffer(加密);
解密=新字符串(cipher.doFinal(dec),“UTF8”);
}捕获(例外e){
标准例外处理(e、日志);
}
映射值=新的HashMap();
for(字符串对:解密的.split(&)){
String[]split\u pair=pair.split(“”);
字符串键,值;
如果(拆分对长度==1){
key=split_对[0];
value=“”;
}else if(split_pair.length==2){
key=split_对[0];
值=分割_对[1];
}否则如果(拆分对长度>2){
debug(“解密字符串时出错,发现参数包含两个以上的部分(“+pair+”)”);
继续;
}否则{
//我们永远不应该达到这一点,因为不可能将字符串拆分为长度为0的数组。
debug(“不可能的事情发生了,我们将一个字符串拆分成一个长度为0的数组(“+pair+”);
继续;
}
//只有在键和值已初始化时,这才是reach,这要感谢我们点击时的continue语句
//错误状态。
value.put(键、值);
}
返回值;
}
INFO 10/mar/2017 06:02:37 [http-nio-80-exec-104] (HelperMethods.java:292) - javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:913)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:436)
at javax.crypto.Cipher.doFinal(Cipher.java:2165)
at com.gg.gomoenterprise.utils.HelperMethods.decrypt(HelperMethods.java:349)
at com.gg.gomomessenger.servlets.EmailServlet.doPost(EmailServlet.java:60)
at com.gg.gomomessenger.servlets.EmailServlet.doGet(EmailServlet.java:46)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
DEBUG 10/mar/2017 06:02:37 [http-nio-80-exec-104] (EmailServlet.java:88) - com.gg.gomomessenger.commons.exceptions.EmailSeverletException: <h1>We do not see your email address in this program. You may have already unsubscribed or be subscribed with a different email address. If you need assistance, email support@mymobilemsg.com.</h1>
at com.gg.gomomessenger.commons.exceptions.EmailSeverletException.dataMisingException(EmailSeverletException.java:39)
at com.gg.gomomessenger.servlets.EmailOptInServlet.handleOpt(EmailOptInServlet.java:91)
at com.gg.gomomessenger.servlets.EmailServlet.doPost(EmailServlet.java:82)
at com.gg.gomomessenger.servlets.EmailServlet.doGet(EmailServlet.java:46)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
INFO 10/mar/2017 06:02:37[http-nio-80-exec-104](HelperMethods.java:292)-javax.crypto.IllegalBlockSizeException:使用填充密码解密时,输入长度必须是16的倍数
位于com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:913)
位于com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:824)
在com.sun.crypto.provider.aesciper.engineDoFinal上(aesciper.java:436)
位于javax.crypto.Cipher.doFinal(Cipher.java:2165)
在com.gg.gomoenterprise.utils.HelperMethods.decrypt上(HelperMethods.java:349)
位于com.gg.gomomessenger.servlets.EmailServlet.doPost(EmailServlet.java:60)
在com.gg.gomomessenger.servlets.EmailServlet.doGet(EmailServlet.java:46)
位于javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
位于javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
位于org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
位于org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
位于org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
位于org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
位于org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)
位于org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
位于org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
位于org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
位于org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:518)
位于org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1091)
位于org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)
位于org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1526)
位于org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1482)
位于java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
位于java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
位于org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
运行(Thread.java:745)
调试2017年3月10日06:02:37[http-nio-80-exec-104](电子邮件)